Wednesday, November 18, 2009

20% of cyber attacks OK?

If network administrators simply instituted proper configuration policies and conducted good network monitoring, about 80 percent of commonly known cyber attacks could be prevented, a Senate committee heard Tuesday.

The remark was made by Richard Schaeffer, the NSA’s information assurance director, who added that simply adhering to already known best practices would sufficiently raise the security bar so that attackers would have to take more risks to breach a network, “thereby raising [their] risk of detection.”( Risk of detection of the attack, not who or where they are located, G )

Larry Clinton, president of the Internet Security Alliance, told senators that public apathy and ignorance played as much a role in the current state of cyber security as the unwillingness of corporate entities to take responsibility for securing the public’s data.

“Many consumers have a false sense of security due to their belief that most of the financial impact resulting from the loss of personal data will be fully covered by corporate entities like the banks,” he said. “In fact, much of these losses are transferred back to consumers in the form of higher interest rates and consumer fees.” ( Criminal penalties would wake them up, ID theft happens every 8 min., G )

A 2009 Price Waterhouse Cooper study on global information security found that 47 percent of companies are reducing or deferring their information security budgets, despite the growing dangers of cyber incursions.

Philip Reitinger, director of the National Cyber Security Center at the Department of Homeland Security, said that end users also need to be made aware of the simple things they can do to protect themselves — such as keeping software and anti-virus up to date. ( BS They need malware sweepers, rootkit detectors and Micro Soft to allow illegal OS to update security also, which will cut down on botnets.G )

One panelist, Larry Wortzel a retired army intelligence officer, made the case for the NSA to take the lead on the government’s cyber security initiatives, despite the agency’s public stance that it has no interest in assuming the position.

“If, in fact, the NSA has technical capabilities beyond those of the providers, why should you be relying on the providers in areas where the NSA actually has greater capability?” he asked.

Why should the NSA only be invited into a provider’s network in certain situations when the NSA might be in a better position than the provider to know when it’s under attack? And how can the relationship between providers and the NSA be anything but ongoing and continuous when cyberattacks are unremitting?, he added. ( NSA would have to disclose how they penetrate networks, and that would cut down on their capabilities. Not NSA's job, contrary to their mandate. G )